Hi,
> On 4 Feb 2020, at 07:17, s7r wrote:
>
> teor wrote:
>> Hi s7r,
>>
>> Thanks for bringing up IPv6 address privacy extensions.
>>
>>> On 30 Jan 2020, at 02:19, s7r wrote:
>>>
>>
>> I read RFCs 4941 and 3041, looked at the tor directory spec, and did some
>> analysis:
>> * tor clients
Hi Nick,
Thanks so much for your review!
I've made most of the changes you've suggested, you can see the latest
version of the proposal here:
https://github.com/torproject/torspec/pull/105/files
I've also made changes in response to s7r's feedback about IPv6 privacy
extensions. Since sending
On 02/04/2020 03:13 PM, s7r wrote:
> These privacy extensions IPv6 addresses might be good for outbound bind
> exit addresses (for Exit relays), and maybe (not sure) for regular
> clients that could connect to their entry guards or bridges using a
> temporary IPv6 address.
Thanks. Those are
Mirimir wrote:
> On 02/03/2020 02:17 PM, s7r wrote:
>
>
>
>> In the current form of this proposal, it looks kind of optional ("We
>> propose this optional change, to improve..."). I propose removing the
>> line which contains "this optional change" and changing the following:
>>
>> In
juanjo wrote:
> Since no one is posting it here and talking about it, I will post it.
>
> https://nvd.nist.gov/vuln/detail/CVE-2020-8516
>
> The guy:
> http://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-Tor-Circuits.html
>
>
> Is this real?
>
> Are we actually not
On Tue, Feb 04, 2020 at 04:15:23PM -0500, David Goulet wrote:
> On 04 Feb (19:03:38), juanjo wrote:
>
[snip]
>
> And the reason for private nodes is probably because this way you eliminate
> noise from other tor traffic so _anything_ connecting back to your ORPort is
> related to the onion
On 04 Feb (19:03:38), juanjo wrote:
Greetings!
> Since no one is posting it here and talking about it, I will post it.
>
> https://nvd.nist.gov/vuln/detail/CVE-2020-8516
>
> The guy:
> http://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-Tor-Circuits.html
>
> Is this real?
Since no one is posting it here and talking about it, I will post it.
https://nvd.nist.gov/vuln/detail/CVE-2020-8516
The guy:
http://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-Tor-Circuits.html
Is this real?
Are we actually not verifying if the IP of the Rend is a node